Kaspersky says that if you decide to write or download a program that executes arbitrary bytecode written to the blockchain it would be possible for somebody to put malicious bytecode on the blockchain that you could then execute if you decided to point to those transactions.
Fortunately there's a fix - don't do that. Nobody does that.
There's no way to execute arbitrary code on the host.
>Unfortunately, many of these scripts appear to call a rather large
number of third-party tools that likely have not been designed with
malicious inputs in mind.
Bitcoin was designed with malicious inputs in mind.
As far as I can tell, the point of this demonstration is that you can store bytes representing a piece of malware in the blockchain. That is, just treat the blockchain as a storage medium for your malware code, since it is in the end a distributed database. You still need some other piece of malware to read this bytes and execute them, which makes this not really a "vulnerability". As far as I can tell it's more a case of "append-only publicly-writable distributed DB operating as intended".
As far as I can tell it's more a case of "append-only publicly-writable distributed DB operating as intended".
Indeed, it's almost the same as "people can post content like comments to websites - so they can post code of malware too!" Feels like a bit of anti-Bitcoin FUD.
Perhaps not the best metaphor... malicious comments posted to web sites not only "can" cause users to download malware, they have, with some frequency.
you can "fix" this by applying the same practices you do for data input from any untrusted source on your software, don't execute it. The risk with a global, irrevocable, cumulative append-only database is someone inserting data that will get the possessor of any full bitcoin node into serious trouble just for even having the data. Such as child pornography. Or, I suppose if you're in China, pictures of something like the Tiananman tank guy.
Apparently someone has already inserted child porn (or at least, links to it - I wasn't comfortable with researching further into this...) into the blockchain, along with "illegal primes" and other not-so-legal content. Everyone with full nodes already has this data.
It does raise some interesting philosophical questions about the nature of digital data and when legal becomes illegal, since a series of bits can be interpreted in an infinite number of ways.
I wrote a year ago about random data of all sorts that is stored in the blockchain: pictures, a PDF, JavaScript XSS, three separate rickrolls, programs in BASIC and Python, 2.5 MB of Wikileaks data, a leaked firmware key, and all sorts of other benign and malicious stuff. So I don't see what's new in this.
Seriously misleading headline. As far as I can tell, the "vulnerability" is that you can append random junk to the blockchain (which basically means it's working as intended), not that you can manipulate existing contents, which would bring every cryptocurrency crashing down.
This is actually more of an issue with things like e.g. Namecoin; depending on your parsing library, just processing namecoin values can do bad things to your computer. There are some namecoin values out there on the lines of 'namecoind send XXX to YYY'.
It seems to me more like the author misunderstood some of the point of the talk; I would rate the botnet command and control angle more worrisome from an Interpol point of view than a local exploit from shoddily written fake Bitcoin software.
16 comments
[ 2.7 ms ] story [ 51.0 ms ] threadFortunately there's a fix - don't do that. Nobody does that.
Or any code at all that parses the contents of the blockchain. This applies to any program or function that takes untrusted input.
http://seclists.org/fulldisclosure/2014/Nov/74
There's no way to execute arbitrary code on the host.
>Unfortunately, many of these scripts appear to call a rather large number of third-party tools that likely have not been designed with malicious inputs in mind.
Bitcoin was designed with malicious inputs in mind.
As far as I can tell, the point of this demonstration is that you can store bytes representing a piece of malware in the blockchain. That is, just treat the blockchain as a storage medium for your malware code, since it is in the end a distributed database. You still need some other piece of malware to read this bytes and execute them, which makes this not really a "vulnerability". As far as I can tell it's more a case of "append-only publicly-writable distributed DB operating as intended".
I could be missing something, though...
Indeed, it's almost the same as "people can post content like comments to websites - so they can post code of malware too!" Feels like a bit of anti-Bitcoin FUD.
It does raise some interesting philosophical questions about the nature of digital data and when legal becomes illegal, since a series of bits can be interpreted in an infinite number of ways.
http://www.righto.com/2014/02/ascii-bernanke-wikileaks-photo...
Not a non-threat..but not an important one either.
It seems to me more like the author misunderstood some of the point of the talk; I would rate the botnet command and control angle more worrisome from an Interpol point of view than a local exploit from shoddily written fake Bitcoin software.